Production
Automated SOAR Playbook
Complete SOAR workflow that neutralizes threats in real time: Elasticsearch SIEM integration, multi-source enrichment (VirusTotal), automatic blocking on a Fortinet firewall, and GitOps-managed blocklists.
Tags: n8n, Elasticsearch, VirusTotal API, Fortinet API, GitLab
Key Features
Real-Time Detection
Continuous monitoring of the Elasticsearch SIEM for new alerts
Multi-Source Enrichment
VirusTotal, AbuseIPDB and other threat intel sources
Automatic Blocking
Immediate blocking action on the Fortinet firewall via its API
GitOps
Version-controlled blocklist management via GitLab
Tech Stack
n8n: orchestration
Elasticsearch: SIEM
VirusTotal API: threat intelligence
Fortinet API: firewall
GitLab: GitOps
Technical Challenges & Solutions
Challenge 1
Minimizing false positives
Challenge 2
Speed of reaction
Challenge 3
Action traceability
Challenge 4
Exception management
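The four challenges above (false positives, reaction speed, traceability, exceptions) all land in the playbook's decision step, between enrichment and the firewall call. The following is an added illustration of that step, not the project's own n8n workflow: it takes a SIEM alert plus already-fetched VirusTotal and AbuseIPDB results, refuses to auto-block anything on an exception list, requires two independent sources to agree before blocking (a single-source hit only opens a review), and emits both the FortiGate address-object payload and a Git-tracked blocklist line that records alert id, timestamp and reason. The thresholds, exception entries, sample alert and enrichment values are constructed; the FortiOS request shape is an assumption stated in the code.

```python
import ipaddress
from dataclasses import dataclass, field, asdict
from datetime import datetime, timezone

# Exception list (assumed values): addresses the playbook must never block on its own.
NEVER_BLOCK = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",  # internal / loopback
    "203.0.113.10/32",                                               # e.g. a partner VPN endpoint
)]

# Decision thresholds (assumed; tune against your own false-positive history).
VT_MALICIOUS_MIN = 5       # vendors reporting "malicious" in VirusTotal last_analysis_stats
ABUSEIPDB_SCORE_MIN = 75   # AbuseIPDB abuseConfidenceScore, 0-100


@dataclass
class Decision:
    ip: str
    action: str        # "block", "review" or "skip"
    reason: str
    alert_id: str
    evidence: dict = field(default_factory=dict)
    decided_at: str = field(default_factory=lambda: datetime.now(timezone.utc).isoformat())


def is_excepted(ip: str) -> bool:
    """Exception management: anything on the never-block list is skipped, whatever intel says."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in NEVER_BLOCK)


def decide(alert: dict, vt_stats: dict, abuse_score: int) -> Decision:
    """False-positive control: an automatic block needs two independent sources to
    agree; a single-source hit only opens an analyst review."""
    ip = alert["src_ip"]
    evidence = {
        "vt_malicious": int(vt_stats.get("malicious", 0)),
        "vt_suspicious": int(vt_stats.get("suspicious", 0)),
        "abuseipdb_score": int(abuse_score),
    }
    if is_excepted(ip):
        return Decision(ip, "skip", "address is on the exception list", alert["id"], evidence)
    vt_hit = evidence["vt_malicious"] >= VT_MALICIOUS_MIN
    abuse_hit = evidence["abuseipdb_score"] >= ABUSEIPDB_SCORE_MIN
    if vt_hit and abuse_hit:
        return Decision(ip, "block", "corroborated by VirusTotal and AbuseIPDB", alert["id"], evidence)
    if vt_hit or abuse_hit:
        return Decision(ip, "review", "single-source hit, needs analyst confirmation", alert["id"], evidence)
    return Decision(ip, "skip", "no threat-intel corroboration", alert["id"], evidence)


def fortigate_address_object(d: Decision) -> dict:
    """Request body for POST /api/v2/cmdb/firewall/address (assumed FortiOS REST shape);
    a pre-existing deny policy on the firewall references objects named this way."""
    return {
        "name": f"soar-block-{d.ip}",
        "type": "ipmask",
        "subnet": f"{d.ip} 255.255.255.255",
        "comment": f"alert {d.alert_id}: {d.reason}",
    }


def blocklist_line(d: Decision) -> str:
    """Traceability: one line of the Git-tracked blocklist carrying ip, alert id,
    timestamp and reason, so every block is reviewable and revertible as a commit."""
    return f"{d.ip} # alert={d.alert_id} at={d.decided_at} reason={d.reason}"


def run_playbook(alert: dict, vt_stats: dict, abuse_score: int) -> dict:
    """One playbook iteration: returns the decision plus the artifacts the firewall
    and GitOps steps would send, so the caller can log all of it in one record."""
    d = decide(alert, vt_stats, abuse_score)
    out = {"decision": asdict(d)}
    if d.action == "block":
        out["fortigate"] = fortigate_address_object(d)
        out["blocklist_line"] = blocklist_line(d)
    return out


if __name__ == "__main__":
    # Constructed sample: one SIEM alert and the two enrichment answers it received.
    alert = {"id": "es-alert-0001", "src_ip": "198.51.100.23", "rule": "ssh-bruteforce"}
    vt = {"malicious": 12, "suspicious": 1, "harmless": 60, "undetected": 10}
    print(run_playbook(alert, vt, 92))
```

In the real workflow the VirusTotal and AbuseIPDB lookups run in parallel before this step, which is where most of the reaction time goes; keeping the decision itself pure (no I/O) makes it cheap to unit-test the thresholds and the exception list before they ever touch the firewall.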
Interested in this project?
Contact me to discuss similar projects or for more information.